近日,安全公司 Sophos 发布新闻稿,宣称有黑客锁定旧版 Adobe ColdFusion 软件,通过漏洞发起攻击。根据 Sophos 的说法,黑客组织 BlackDogs 在 9 月至 10 月初实施了相关攻击行为,锁定了“生命周期已经结束(EOL)”的 ColdFusion 11。黑客利用漏洞进入受害者的设备中,进而部署基于 LockBit 3.0 的勒索软件。不过这一行为遭到了公司的防护系统拦截。
安全公司表示,许多黑客正利用旧版软件的漏洞,从而散布勒索软件。近日还有针对 CVE-2023-40044 漏洞展开的攻击行动。黑客组织 Reichsadler 利用这项漏洞入侵受害者,并使用开源工具 GodPotato 将自身权限提升为 NT AUTHORITY\\SYSTEM,从而基于 LockBit 3.0 生成的勒索软件,企图索要虚拟货币。
Sophos 表示,用户应当积极更新电脑上的软件,以避免因旧版本软件结束生命周期,遭到黑客入侵。
英文翻译:
News Title: Hacker Attacks on Old 版 Adobe ColdFusion, Sophos Unlocks Attack Methods
Keywords: Hacker attacks, Adobe ColdFusion, Sophos, vulnerabilities, ransomware
News Content:
Recently, the security company Sophos released a news release, claiming that hackers have locked down old versions of Adobe ColdFusion software and launched attacks through vulnerabilities. According to Sophos, the hacker group BlackDogs carried out the attack between September and early October of this year, locking down ColdFusion 11, which has reached the end of its lifecycle. Hackers used the vulnerability to gain access to the victim’s devices, deploying ransomware based on LockBit 3.0. However, this behavior was intercepted by the company’s security system.
The security company claims that many hackers are exploiting vulnerabilities in old version software to spread ransomware. Recently, there have been attacks targeting the CVE-2023-40044 vulnerability. The hacker group Reichsadler used this vulnerability to infiltrate victims and raised its privileges to NT AUTHORITY\\SYSTEM using open-source tools GodPotato, then used ransomware generated by LockBit 3.0 to demand virtual currency.
Sophos emphasizes that users should actively update their computer software to avoid being hacked due to the end of the lifecycle of old version software.
【来源】https://www.ithome.com/0/727/307.htm
Views: 1